def check_request_pin(self, pin_input, approver_key): if self.is_open and self.request_pin_hash: if psv_hash256(pin_input, approver_key) == self.request_pin_hash: return True else: return False else: # Always return false if this is not an open request, or if there's no hash to check return False
def get_request_pin(self, pin_required=False): if self.anonymous or pin_required: request_pin_source = rand_int_list(6) request_pin = ''.join(map(str, request_pin_source)) self.request_pin_hash = psv_hash256(request_pin, self.approver.key_str) self.save() return request_pin else: # This validation method is only needed for anonymous requests return False
def check_auth_key(self, input_key, approval_request=None): if approval_request: target_obj = approval_request else: target_obj = self input_hash = psv_hash256(input_key, self.authorization.init_secret, str(target_obj.timestamp_authkey)) if input_hash == target_obj.auth_key_hash: return True else: return False
def new_auth_key(self, approval_request=None): if approval_request: target_obj = approval_request else: target_obj = self new_key = uuid.uuid4() new_key_timestamp = timezone.now() new_key_hash = psv_hash256(new_key, self.authorization.init_secret, str(new_key_timestamp)) target_obj.auth_key_hash = new_key_hash target_obj.timestamp_authkey = new_key_timestamp target_obj.save() return new_key
def save(self, *args, **kwargs): if not self.pk: self.init_secret = psv_hash256(self.init_key_str, str(self.timestamp_post)) super(device_authorization_token, self).save(*args, **kwargs)